CVE-2026-12488

MEDIUM EPSS 9.7%

Published Jun 24, 20265d ago · Modified Jun 24, 20265d ago

6.2 CVSS 3.1

Medium

Published Jun 24, 2026 5d ago

Last Modified Jun 24, 2026 5d ago

Description

A memory corruption vulnerability exists in the GV-Cloud functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted network request can lead to a denial of service. An attacker can impersonate the legitimate server to trigger this vulnerability.

CVSS Details

Base Score

6.2

Exploitability

1.0

Impact

4.7

Vector string

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:N/A:H

Attack Vector Network

Attack Complexity High

Privileges Required High

User Interaction Required

Scope Changed

Confidentiality Low

Integrity None

Availability High

Threat Intelligence

EPSS Exploit Probability

9.7% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-121

References 3

talosintelligence.com https://talosintelligence.com/vulnerability_reports/TALOS-2026-2411
geovision.com.tw https://www.geovision.com.tw/cyber_security.php
talosintelligence.com https://www.talosintelligence.com/vulnerability_reports/TALOS-2026-2411

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.